"Since a router is not used to store data, a judge reasoned, it fails to qualify as a computer"
It's not 'used' to store data, but it does store data and as such would qualify as a computer under that definition.
A Dutch court has ruled that hacking into Wi-Fi connections is not a crime providing any connected computers remain untouched. However Wi-Fi freeloaders would still lay themselves open to civil proceedings. The unusual ruling came in the case of a student who threatened a shooting rampage against staff at students at Maerlant …
A router *incidentally* stores data so that it can do its job. Nobody is using it to store data with the intention of retrieving that data later for some purpose of their own.
Your toaster may also store data, but if I use it illicitly I am using it as a toaster, not a computer.
Even if it did --on persistent storage as opposed to transient memory-- AND you could sway a judge that this falls under the letter of the law, then that still has no bearing on the spirit of the law. Otherwise, causing your MAC address to be stored in someone else's computer, like through ARP, gratuitous or otherwise, would already end up being a punishable offence. I don't think going that far would be very reasonable.
*My* router stores all sorts of information. Off hand I can think of:
Port forwarding rules, MAC addresses for reserved DHCP leases, DNS servers (I use Google's open DNS server as secondary and tertiary backups), and my WPA-PSK.
These are all pieces of data I entered into it manually, and it keeps them even when powered off. If that's ain't "storage" then tell me what is.
"storage, processing and transmission of data"
That is what a router does, data is temporarily stored in memory, processed and then transmitted again. The key itself is stolen from the device which could also count as storage.
Just because it doesn't have 300GB doesn't mean data is not stored.
If hacking the router is legal, is keeping a copy of anything you might happen to see passing through it while you're in there also legal, as the concept of "storage" would seem to apply to the device itself rather than what you nefariously attach to it?
I've just read the small print on this can, it says: "Warning: May contain worms."
Bandwidth isnt theft so using it is like civil trespass, or taking photos while trespassing.
In civil trespassing if the landowner can prove you denied earnings they have a good chance of a civil win. If you run a business via your internet connection you could say the bandwidth theft denied other potential customers and so denied moneys so you could make a civil claim for loss of earnings.
If a router were to qualify as a computer, then so would a telephone, a washing machine, a car, ... anything containing digital electronics. And then the authorities would try to add "computer hacking" to the charges brought against every joyrider, and you'd end up with stupidity like the US concept of "wire fraud". Best not to go anywhere near that slippery slope. If they want hacking into networks to be illegal, modify the legislation so that it is. Don't abuse existing laws.
It summarized that since the router stored no files for the user, the law is not applicable which deals with accessing files and information stored on a network.
It is not a clueless judge, just one who applies the law, both to the letter as well as the intention.
(the user breached the network to post on a site via that IP, not to get data from the network).
If the hacker would have accessed a computer, snooped traffic, or if the router had user files stored in it, the law would have been applicable, but in this case the law is outdated, and must be amended/updated to apply for this sort of cases.
The point the judge makes is that both in the law (Wetboek van Strafrecht 80sexies) and in the 'Memorandum of Understanding' during the creation of the law, they only considered devices ('automated works') that store (in a non-transient form), (substantially) process *and* transmit data. According to the judge a router fails that test because it does not 1) store (non-transient) the data sent, and 2 does not process the data beyond what is necessary for transmission.
Secondary, the judge finds that the computer crime law (Wetboek van Strafrecht 138a) according to the legal history was intended for protection of those who 'through actual security measures have made clear that they want to shield their data/information from prying eyes'.
As the defendant did not break into a computer (80sexies), and the misuse / misappropriation of a connection is not covered in law (138a), the defendant was cleared of that charge.
*Applause* Look, other commentards, see how much smarter people seem when they actually have a fucking clue what they're talking about because they took time to click the links or read something of the story before spewing their brain farts into the interwebs ?
Look upon the above comment and aspire to it.
This is a lot more like using somebody's phone without their permission.
It's the using it for illegal, reprehensible, or, say, defamatory purpose that already attracts penalties, usually. For instance, using somebody's own wireless router could be part of an impersonation or identity theft attack.
A lot of people live on their own, and many don't have a lot of visitors, so their fixed network address, if it's secure - as it ought to be - will be used only by them.
Also, a service such as a bank MIGHT allow login only from one new!twork address, so that you can do banking at home. You'd still have a password and so on but those might be written down, if you're stupid. So cracking your home network could be a FACTOR in stealing your money.
Legal prosecution usually uses the standard of reasonable doubt. If you have a secure home network, there isn't much reasonable doubt that only you are using it. Therefore I expect to find, if I ask and if anybody wants to tell me, that terrorists and child abusers use insecure networks and insecure computers so that they can claim that whatever happened on their equipment may have been done by somebody else. Alleged music sharers have used the same defence. Ideological music sharers also may appreciate it as a way to share. You could hide old PCs with wi-fi near to public places for guerilla music sharing without going onto the Internet and getting caught. I suppose the same applies for terrorism and child abuse...
I take the view there are far too many laws and existing laws can be used if designed properly.
"getting onto a network" via wireless or wires without stealing or physical damage is akin to civil trespass, were if told to get off you did and the gate was closed (password changed) no further action is usually taken.
Taking files off a network this way is just like burglary and so should be tried as such with the same fines, laws etc.
Why make-up a totally new set of laws just because the medium is different. At the end of the day some thing was taken (not in this case as an example) so regardless of physically or virtually breaking in it should be tried as theft.
Wireless packet headers usually*** have three MAC address fields in them. One's the identification of the network which is usually, but not necessarily the same as, the access point's MAC address. This ESSID serves the same purpose as network cable -- it allows you to distinguish traffic on your network from that of your neighbors'. Google collected ESSIDs as useful location information -- they weren't "Slurping" addresses for some nefarious purposes but the fuss made about what they did and why suggests that a lot of technical people haven't a clue what's going on below the socket layer, let alone understand how the MAC works.
(***They 'usually' have three addresses but sometimes they can have four....so there.....)
...the fact that 4chan actually gave info to the authorities. That's not like them.
But then, usually that info is worthless because Anonymous and similar uses intermediary jumps with no logging so tracing them is beyond most police capabilities. So I guess you could say that the amateur had it coming...
4chan are ****s; consequently, you can almost count on them to do the most ****ish thing that is reasonably possible in any situation.
If you leave your back door unlocked and 4chan see you do it, they will wait till you've gone and steal your TV - really this is an analogy for what they actually do, which is interfere with other people's computers.
If they see their best friend stealing your TV, they will shoot him in both legs and then call the police. And then probably steal the TV.
It's about being a ****. 4chan is a place set up online where people go to be ****s amongst like minded ****s. They are all ****s. It's what 4chan is about.
It is indeed a good verdict: The judge looked at the law and saw that it wasn't written to prosecute anything but diving into someone's computer and wreaking havoc/stealing information/whatever. Turns out there's no law against retrieving wlan keys and making use of someone else's wlan without permission, so it's not forbidden.
Intuition might say it should be, but it may be more realistic to look at the damage caused by the act of making use of someone else's wlan and prosecute for that. That would be negligible in this case, but perhaps a lot less in others. Thus the bottom line may very well be that there needs to be no law against it.
The term used is actually more "breach of the peace in a computer" rather than "hacking". The latter is overbroad and sensationalised and that in turn might easily influence public opinion. I don't think we need more of that sensationalism. How sensational is it these days to use someone else's wireless and internet uplink for, well, anything? Don't we already know very well that wlan isn't all that secure anyway?
A computer is a programmable machine designed to sequentially and automatically carry out a sequence of arithmetic or logical operations. All layer 3 and up devices are computers..... at least. Any programmable layer 2 device would also be one. You might even argue all layer 2 devices are. If you're going to be anal about the letter of the law, at least be anal about the definition of computer. Now where did I leave my abacus?
The Dutch are incredibly computer-literate. The problem here is the laws, that are outdated. According to the law, hacking a router is not illegal, because they do not have a law that covers routers. This will likely change pretty soon, fact is, in Holland, they apply the law - compare that to US, UK or France where when a law does not cover this or that aspect, they just condem and try to find a way to "interpret" the article in a way that would allow them to condem ... the obvious caveat is that the laws end up being interpreted in hundreds of different ways, which means that nobody knows what is and is not covered by the article, in the end.
AFAIK it isn't a crime to open the combination lock on your locker - though it would be a crime to take anything out. Likewise, figuring out the password for the connection does no harm in itself. Actually USING the connection is a different matter.
I don't like it, but i can see the reasoning.
Biting the hand that feeds IT © 1998–2020